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REMARKS 

Status of the Claims 

Claims 1-25 were in the application as filed. 

Restriction to one of the sets of claims (a) 1-21 or (b) 22-25 was required by 
Examiner. In a telephone conversation with Samuel H. Dworetsky, attorney for 
applicants, on December 6, 2004, set (b) - claims 22-25 - was provisionally elected. This 
election to proceed with examination of claims 22-25 has been previously affirmed. 
Applicants expressly reserve the right to have claims 1-21 subject to examination in the 
further prosecution of a divisional or other application based on the present application. 
The following comments and arguments will be restricted to the examination of claims 
22-25. 

Claims 22 and 23 stand objected to as containing abbreviations, acronyms, or the 
like. While no specific terms are identified by Examiner, it is assumed that these 
objections apply to the term "DNS" in claim 22 and "IPsec" in claim 23. No other terms 
appear to even remotely be subject to possible objection as "unidentified" in these claims. 

Claims 22-24 stand rejected under 35 USC § 1 12, as having insufficient 
antecedent basis for the limitation "said data packet streams." 

Claim 22 stands rejected under 35 USC § 102(e) as being anticipated by Liu, U.S. 
Patent 6,079.020 (hereinafter, Liny 

Claims 23-25 stand rejected under 35 USC § 103(a) as being unpatentable over 
Liu as applied to claim 22 and further in view of Ludovice, et a/., U.S. Patent 6,636,898 
(hereinafter Ludovici). 

In a response to comments made by Examiner in two telephone conversations in 
mid-July, 2005, applicants submitted proposed amendments and arguments as fiirther 
responses to the prior Office action of December 16, 2004. These amendments and 
arguments were sent via facsimile on July 22, 2005, but apparently were not entered. 
Instead, the present Office action dated August 17, 2005 was mailed. 

By present amendment, claims 22 and 23 are amended to avoid the alleged 
informalities regarding abbreviations, acronyms, etc. 

Amendments to claims 22-24 are presently made in response to the alleged lack 
of sufficient antecedent basis for the language "said data packet streams." 
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Claims 22-25, as presently amended, remain in the application. 



Arguments in support of patentability of 
claims remaining in the application 

Claims 22 and 23 have been amended to avoid any possible informalities 
regarding the use of "DNS" and "IPsec" in these claims. 

In the rejection of claims 22-24 under 35 USC § 1 12, Examiner indicates that the 
language "said packet data streams" has insufficient antecedent basis in the claim(s), 
apparently believing that the antecedent language "at least one packet data stream" is 
"insufficient" for this purpose. That is, it appears that Examiner's concern is that there is 
a lack of singular-plural agreement between these two quoted phrases. 

Applicant's attorney respectfully disagrees that there is any such lack of 
agreement. When based on the antecedent language "at least one packet data stream," it 
is clear that "said packet data streams" includes the case of a singular data stream as well 
as the case of plural data streams. Moreover, there are no other packet data streams (or 
stream) to which "said packet data streams" refers or could refer. 

Nevertheless, to facilitate prosecution of the present application and provide 
consistency of usage, applicants have amended claims 22-24 to avoid any possible lack of 
antecendents in these claims. It is emphasized, however, that the change reflects only a 
minor matter of form, and does not change the meaning from that of the prior language in 
these claims. 

In respect of the rejection of claim 22 over Liu under 35 U.S.C. § 102(e), 
Examiner identified FIGs. 1 and 2, the abstract and various portions of the Liu 
description. Applicants respectfully disagree with Examiner's application of the 
teachings of Liu in rejecting applicants' claim 22. 

In the first reference to Liu (paraphrasing the preamble of claim 22), Examiner 
cites to FIGs. 1 and 2. While not expressly stated, it appears that Examiner is comparing 
one of Liu's VPN gateways, such as 115, 125, or 135 to applicants' NIU (102, 202 or 
302, for example). But Liu's VPN gateways and their relationship to VPN Management 
Station 160 shown in FIG. 1 present fundamentally distinct structure and functioning. 
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Liu's VPN Management Station 160 is an attempt to avoid manual configuring of 
a plurality of VPN gateways to avoid potential errors and allow remote updating. See, 
for example, Liu at col. 2, line 52 through col, 3, line 21. 

In particular, Liu's teachings provide that a command specifiying a network 
operation received at VPN management station 160 for translation into configuration 
information for delivery to VPN gateways affected by the command. (Liu, col 3, lines 8- 
14.) VPN groups are established in the Liu system and VPN processing is performed and 
packets delivered when it is determined that source and destinations are members of the 
same VPN group. (Liu, FIG. 2, 220,240 and 250.) 

Importantly, configuration parameters delivered to gateways include specific 
groups of addresses between which communications are to be transmitted securely. In a 
variation on this embodiment, the configurationparameters include Internet Protocol (IP) 
addresses. Thus address information is provided to gateways to define VPN groups and 
to individual IP addresses, (Liu, col. 3, lines 39-43.) Further illustration of the 
management of network addresses and the express provision of them to particular 
gateways is provided by FIGs. 8-10 and the discussion thereof at col. 10, line 7 through 
col. 11, line 9. 

From Liu's description of VPN management station 160 and its relationship to the 
respective VPN gateways (and their VPN groups and addresses), it is clear that Liu's 
VPN management station 160 provides an overall control function for the VPN gateways. 
This control is directed in large part by the delivery by VPN management station 160 of 
address definitions of VPN groups and the individual IP addresses of source and 
destinations for VPN paths. 

In contradistinction, the invention defined in applicants' presently amended claim 
22, recites NIU functions including "providing network destination address information 
from a Domain Name System server for at least selected ones of said data streams." This 
is inconsistent with Liu's use of explicit IP addresses and VPN groups defined by 
addresses delivered as configuration parameters by Liu's centralized VPN management 
station 160. 

Thus, Examiner's cite to Liu's step 250 in FIG. 2 is inapposite. Liu does not 
perform the step of applicants claim 22: "providing network destination address 
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information from a Domain Name System server for at least selected ones of said data 
streams." Instead, Liu relies on the explicit download of addresses from his VPN 
management station 160 to individual VPN gateways. 

It should be understood that the DNS function recited in claim 22 is not consistent 
with the operation of Liu's system. That is because explicit address information is 
downloaded in the form of IP addresses and ranges no DNS function need be performed 
in Liu. Applicants' "providing network destination address information from a DNS 
server," on the other hand permits resolution of address information in applicants' NIU. 
In particular, applicants' DNS function is described, for example, in the specification at 
page 15, line 30 through page 16, line 1, where it is noted that applicants' "DNS server 
415 provides network address resolution for destinations specified in other formats ^ and 
substitutes for access to network-based DNS servers commonly used for non-secure 
networking applications." [Emphasis added.] 

The providing of destination address information in the manner recited in 
applicants' claim 22 confers advantages to applicants' embodiments in the form of 
increased flexibility and mobility. That is, reliance on Liu's rigid address format, 
updating from a central VPN management station 160 and rigid adherence to VPN groups 
need not be observed in applicants' claimed invention. This is especially important in 
applications of the present inventive methods where a user is required to move from one 
location to another as discussed, for example, in the specification at page 23, line 28 
through page 24, line 5 where it is noted that 

Thus, for example, a traveling business person will efficiently and simply 
access a corporate headquarters LAN over the Internet by connecting through a 
network interface unit supporting a variety of client devices including one a 
laptop computer, web-enabled cell phone, personal digital assistant and a variety 
of peripheral devices. Such connections will be made from corporate branch 
offices, customer offices, supplier offices, hotel rooms and, via wireless links, 
from virtually anywhere. Such connections will be available over dial-up, cable, 
DSL, private line, wireless and other types of links, the configuration information 
for which will be automatically derived using present inventive teachiuRS . 
(Emphasis added.) 
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Thus, no basis has been cited by Examiner by which the DNS address resolution 
feature of the invention defined by applicants' claim 22 is anticipated by Liu. Nor has 
any teaching of Liu been cited that achieves the above-cited advantages of the present 
invention of claim 22. 

For these reasons, it is submitted that claim 22 as presently amended is patentable 
over Liu. Reconsideration and allowance of independent claim 22 is therefore 
respectfully solicited. 

Claims 23-25 stand rejected as unpatentable over Liu in further view of Ludovici 
under 35 U.S.C. § 103(a). It is said by Examiner that with respect to claim 23, Liu is 
silent with respect to modifying packets in an IPsec server, but that Ludovici shows such 
an operation - citing to FIG. 22 and the abstract of Ludovici. 

In important ways Ludovici, like Liu, describes a centrally managed VPN 
network. In particular, VPN manager 162 (also known as VPNCNM) is described as 
managing all IPsec tunnels (Abstract). In FIG. 22 (characterized as a systems view of a 
VPN solution), the interaction of components including VPNCNM (there styled 450) that 
centralizes control of all VPN connections is shown. IPsec 452 appears to be included 
among the functions controlled. 

However, it is clear that Lodovici does not include IPsec (or DNS server) 
functionality in the manner of the NIU of applicants' claim 23. Just as control for 
address resolution functionality is centralized in Liu outside of any NlU-like element 
connected to a LAN, so too is IPsec functionality controlled in Lodovici 's centralized 
VPN controller outside of any NlU-like element as in applicants' claim 23. While IPsec 
itself is not new, the manner of use in applicants NIU in combination with the other steps 
of claim 23 is new and non-obvious. Nothing in Liu and Lodovici, taken individually or 
in any combination, performs IPsec functionality in the manner of claim 23. Nor is the 
claimed IPsec method functionality in applicants' NIU even suggested in the Liu and 
Lodovici references or any combination of them. If Liu was modified to incorporate the 
teachings of Lodovici (and there is no basis presented in the descriptions of these 
references, nor identified by Examiner, to suggest this) applicants' invention still remains 
conceptually different and non-obvious (NlU-based versus centrally controlled). The 
IPsec step of claim 23, like the method of claim 22 from which it depends is performed in 
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a NIU; neither Liu or Lodovici (or any combination of the two) teaches or suggests such 
method steps. 

In addition, claim 23, as presently amended, depends from claim 22 as presently 
amended and includes all of its limitations. For these reasons it is respectfully submitted 
that claim 23 as presently amended is patentable over Liu taken with Lodovici. 

It appears that claims 24 and 25 are rejected as obvious only over features said to 
be found in Liu; no bases are presented by Examiner as to how Lodovici would 
contribute to any anticipation or obviousness of claims 24 and 25 - other than those 
applying to claim 23 from which claims 24 and 25 depend. This condition exists despite 
the nominal reference to Lodovici as applying to claims 23-25 in paragraph 8 of the 
present Office action. In any event, claims 24 and 25 include all of the limitations of 
claim 22 and 23, as presently amended, and so are patentable over Liu (and Lodovici and 
any combination of Liu and Lodovici) for the reasons stated in connection with the 
arguments in support of claims 22 and 23 above. 
Conclusion 

For the foregoing reasons, it is respectfully submitted that claims 22-25 remaining 
in the application, as presently amended, overcome or avoid all bases for rejection or 
objection and are allowable. It is requested that all claims be further examined, found 
allowable and passed to issue. 
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Please address all correspondence to: Samuel H. Dworetsky, Esq., AT&T, P.O. 
Box 4110, Middletown, NJ 07748. Applicant's attorney can be reached at (908) 464- 
6602. 



Respectfully, 

Y. Chen 
M.J. Foladare 
S.B. Goldman 
T. Killian 
N.L. Schryer 
K. Stone 
R.P. Weber 



By 

Date: November 16, 2005 William Ryan 



Attorney for Applicant 
Reg. No. 24,434 
(908) 464-6602 
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